Author Topic: Spam for the Forum (NSFW!)  (Read 12854 times)

0 Members and 1 Guest are viewing this topic.

justin1278

  • Guest
Re: Spam for the Forum (NSFW!)
« Reply #15 on: October 13, 2006, 12:00:42 AM »
But I refuse to install RC here, that's not an option. Activation/hiding of emails is also here, and is turned on.

Although it is a RC it is extremely stable and runs great, it has more features and better control to help stop spam. I understand you not wanting to install an RC but once again it is very stable, Comodo forums are using the RC3 and have had no problems. And it has also helped to cut down on spam a lot.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33517
  • malware fighter
Re: Spam for the Forum (NSFW!)
« Reply #16 on: October 13, 2006, 12:10:12 AM »
Hi kubecj,

Should we take the links out of the top two posting of this thread, could lead to more spamming. "Spim" is going to be more of a problem, you hear of it more and more, warnings of possible trickery should come in,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

justin1278

  • Guest
Re: Spam for the Forum (NSFW!)
« Reply #17 on: October 13, 2006, 12:12:34 AM »
Hi kubecj,

Should we take the links out of the top two posting of this thread, could lead to more spamming. "Spim" is going to be more of a problem, you hear of it more and more, warnings of possible trickery should come in,

polonus

I was thinking the same thing. I think it might be a nice idea.

neal62

  • Guest
Re: Spam for the Forum (NSFW!)
« Reply #18 on: October 13, 2006, 12:21:06 AM »
Believe what is happening was mentioned in this thread HERE.

kubecj

  • Guest
Re: Spam for the Forum (NSFW!)
« Reply #19 on: October 13, 2006, 12:32:29 AM »
It was not, no hole was used. Registered users see the emails anyway, if other users show them.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86914
  • No support PMs thanks
Re: Spam for the Forum (NSFW!)
« Reply #20 on: October 13, 2006, 12:33:39 AM »
It's a Personal Message sent by malicious user thru this forum. I'm sorry for that but currently I see no way how to prevent such actions.  >:(

The person was banned ASAP (but not as soon as I'd want)

Is it not time to introduce a precaution to make it more difficult for people to do drive by spam of the forums and consequently forum members.

There is a thread where This forum spamming was discussed and I suggested that registration shouldn't be a single operation, fill in the form to register with a legit email address and an email is sent to that address with either an activation link or a code for them to enter to complete the registration. Until registration is complete then they can't post and they can't send PMs. No PM, no notification email.

I know this isn't an infallible system with throw away hotmail addresses, etc. but it inconveniences them if they have to get a new email once they are banned. In forming the registrant that the IP address will be noted on registration could also be a deterrent and nothing to worry about for genuine forum members.

These measures are becoming common on other forums, not sure if it is directly to combat this or for other reasons.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.9.6034 (build 22.9.7554.734) UI 1.0.728/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

JediMasterCK

  • Guest
Re: Spam for the Forum (NSFW!)
« Reply #21 on: October 13, 2006, 12:47:23 AM »
I did not analyze the PM, but, the little bit I saw was probably vulgar and this requires some action on avast's part...

I stand by my suggestion to upgrade to the latest SMF version - it is standard operating procedure for good security to use the latest software...

No more words from Me on the matter...

bitemehardly

  • Guest
Re: Spam for the Forum (NSFW!)
« Reply #22 on: October 13, 2006, 01:33:22 AM »
This spam was sent to me via an email address that was ONLY given to avast! and their forum. The address is hidden in my profile. Grrrrrr.....

kabibbles

  • Guest
Re: Spam for the Forum (NSFW!)
« Reply #23 on: October 13, 2006, 01:48:03 AM »
That was what I thought to bitemehardly.  I just checked my pm's and the message is in there also.  When I checked my profile, I had the box ticked for notify me when I have new pm's, that is why it came to my personal email account.  Untick that box and you won't get this sort of spam anymore.  Hope it helps.

justin1278

  • Guest
Re: Spam for the Forum (NSFW!)
« Reply #24 on: October 13, 2006, 01:54:21 AM »
Hi,

Look no e-mail addresses were compromised (as long as you have chosen to hide them) the spammer sent a Personal Message, after the message was sent and the user it was sent to recieved it, then you will recieve an e-mail notification from the avast! forums notifying you that you have recieved a personal message, the notice will also have the content of the PM in it.

Hope this answers some questions.

JediMasterCK

  • Guest
Re: Spam for the Forum (NSFW!)
« Reply #25 on: October 13, 2006, 03:06:36 AM »
I know I said I wouldn't comment any more on this, but, I just got a SECOND PM probably identical to the first...

I think it's safe to say this forum/server has been hacked...

I suggest IMMEDIATE EMERGENCY response here...

CHANGE ALL PASSWORDS IMMEDIATELY... Mysql, Root, SMF Admin, ALL of them... Activate in Registration "Member APPROVAL by Admin"... Restrict the Newbie (or whatever) member group to ZERO PMs...

NOW...

Offline .: Mac :.

  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5093
Re: Spam for the Forum (NSFW!)
« Reply #26 on: October 13, 2006, 03:16:23 AM »
Jedi Master, the forum has not been hacked. That user just created an account to send PMs thats all.

Kubecj does not want to install a beta or RC build, ALWIL has enough to do without reinstalling the forum software because of a bug and I don't blame them!
"People who are really serious about software should make their own hardware." - Alan Kay

Offline .: Mac :.

  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5093
Re: Spam for the Forum (NSFW!)
« Reply #27 on: October 13, 2006, 03:18:13 AM »
By the way they have apparenty re-registered with the new username EdwardN as I got another PM identical to the first
"People who are really serious about software should make their own hardware." - Alan Kay

beatme101

  • Guest
Re: Spam for the Forum (NSFW!)
« Reply #28 on: October 13, 2006, 03:19:22 AM »
Huh, I got this spam too. Funny how phpbb doesn't send PM content to the email, this forum could learn something from phpbb. (Edit: Also visual confirmation...)

I know I said I wouldn't comment any more on this, but, I just got a SECOND PM probably identical to the first...

I think it's safe to say this forum/server has been hacked...

I suggest IMMEDIATE EMERGENCY response here...

CHANGE ALL PASSWORDS IMMEDIATELY... Mysql, Root, SMF Admin, ALL of them... Activate in Registration "Member APPROVAL by Admin"... Restrict the Newbie (or whatever) member group to ZERO PMs...

NOW...

Okay.. You get a little bit of spam and you start crying "OMG HAX"? Jumpy today, aren't you?
« Last Edit: October 13, 2006, 03:21:43 AM by beatme101 »

MegletTX

  • Guest
Re: Spam for the Forum (NSFW!)
« Reply #29 on: October 13, 2006, 03:25:50 AM »
I too received this just now (from EdwardN whose profile indicates "he" is still online and most likely is PMming as fast as he can before that account gets shut down) and was worried about a hack because the email said it was an urgent message from ADMIN....now I am realizing that was just the subject of the PM.

Just to reiterate if any of you haven't caught on yet...no one's email address has been compromised, it is a PM sent to your account HERE and the account HERE is set up to send you an email when you receive a PM.  NO ONE HAS YOUR EMAIL ADDRESS.